R
RJK
I hope you're all tesing your a/v/ software, once in a while 
regards, Richard
regards, Richard
R
RJK
B
Brian A.
Now isn't that nice. A utility versioned back in May 03' that has no means of imitating any threat in 2005. Any person who uses it to test there AV and feels safe after getting the results is in for a rude awakening if they don't keep their AV up-to-date.
--
Brian A.
Conflicts start where information lacks.
http://www.dts-l.org/goodpost.htm
--
Brian A.
Conflicts start where information lacks.
http://www.dts-l.org/goodpost.htm
R
RJK
I didn't suggest that it was any good for "up to date-ness"
regards, Richard
Now isn't that nice. A utility versioned back in May 03' that has no means
of imitating any threat in 2005. Any person who uses it to test there AV and
feels safe after getting the results is in for a rude awakening if they
don't keep their AV up-to-date.
--
Brian A.
Conflicts start where information lacks.
http://www.dts-l.org/goodpost.htm
regards, Richard
Now isn't that nice. A utility versioned back in May 03' that has no means
of imitating any threat in 2005. Any person who uses it to test there AV and
feels safe after getting the results is in for a rude awakening if they
don't keep their AV up-to-date.
--
Brian A.
Conflicts start where information lacks.
http://www.dts-l.org/goodpost.htm
I
Ingeborg
That's not the purpose. It's just for testing _if_ your AV just does
anything. When you install a virusscanner, how will you know if the
installation succeeded? Eicar.
V
Vanguard
RJK said:I hope you're all tesing your a/v/ software, once in a while
regards, Richard
It can only be used to detect the old virus signatures. It won't test
your AV software's ability to eradicate the pest. It's like having a
boat load of duck hunters. They all notice the flock flying by but some
have shotguns while other have slingshots. They all noticed but only
some are effective. The only point of the string test is to see if your
AV software triggers at all (i.e., did everyone in the boat notice the
flock)?
A
Anthony Giorgianni
What is people's problem here? Richard offers a good piece of advice -- get
the test string, which will help you make sure your virus scanner is
properly scanning your machine. I use it all the time. It's no substitute
for updating your definitions, but it's good for what it's good for. It's a
great idea and it's wonderful that Richard takes the time and effort to
bring it to folks' attention. Instead of people starting to get into the a
big testosterone-induced debate, let's do the polite, incredible and
un-thought-of thing and say:..
THANK YOU FOR TAKING THE TIME TO POST THAT!!!
Geeze, isn't there enough bickering and hate and ill-will going on in the
world? We got terrorists, tsunamis and lots of other crap to give us a
really bad day if we need one. We don't need a bunch of negative-spin
troglodytes crawling out of their caves over every little thing.. Damn it
already.
--
Regards,
Anthony Giorgianni
The return address for this post is fictitious. Please reply by posting back
to the newsgroup.
the test string, which will help you make sure your virus scanner is
properly scanning your machine. I use it all the time. It's no substitute
for updating your definitions, but it's good for what it's good for. It's a
great idea and it's wonderful that Richard takes the time and effort to
bring it to folks' attention. Instead of people starting to get into the a
big testosterone-induced debate, let's do the polite, incredible and
un-thought-of thing and say:..
THANK YOU FOR TAKING THE TIME TO POST THAT!!!
Geeze, isn't there enough bickering and hate and ill-will going on in the
world? We got terrorists, tsunamis and lots of other crap to give us a
really bad day if we need one. We don't need a bunch of negative-spin
troglodytes crawling out of their caves over every little thing.. Damn it
already.
--
Regards,
Anthony Giorgianni
The return address for this post is fictitious. Please reply by posting back
to the newsgroup.
G
Gary S. Terhune
OP did not decently explain the test string and its limited purpose. People who aren't already savvy, the very people I assume OPs post was aimed at, aren't going to know about the limited purpose the test string serves unless someone lays it out for them in detail. Yes, they may find out their AV isn't functioning when they thought it was (or simply hadn't a clue), but by not understanding the limitations, they can easily be lulled into a false sense of security. And *that* is the objection to OP's post.
G
Greg R
Why are you saying Eicar is not a reliable test? That why they
developed that string for.
Eicar is used for testing the virus scanner to see if it works.
Does not mean you scanner will catch ever virus.
No virus scanner can do that.
You may want to take a look at this page
http://www.eicar.org/anti_virus_test_file.htm
It tells you all about it.
Greg R
G
Gary S. Terhune
I did read all about it. I've read all about it a few times over the years. I've even used it. I didn't say it wasn't a reliable test. I said it was a "limited" test. Yes, it tests to see if background scanning is functioning. It does not test to see if definitions are up to date. It does not test to see if some virus has managed to thwart its functioning in ways that would not prevent the Eicar string being detected.
The complaint is that without a full explanation of its limited purpose, suggesting to average users that they "test antivirus" using this method is seriously misleading.
The complaint is that without a full explanation of its limited purpose, suggesting to average users that they "test antivirus" using this method is seriously misleading.
M
mae
So, what would suggest to use as a test? I have never encountered a virus. I run fulltime in the background scanning all files.
--
mae
I did read all about it. I've read all about it a few times over the years. I've even used it. I didn't say it wasn't a reliable test. I said it was a "limited" test. Yes, it tests to see if background scanning is functioning. It does not test to see if definitions are up to date. It does not test to see if some virus has managed to thwart its functioning in ways that would not prevent the Eicar string being detected.
The complaint is that without a full explanation of its limited purpose, suggesting to average users that they "test antivirus" using this method is seriously misleading.
--
mae
I did read all about it. I've read all about it a few times over the years. I've even used it. I didn't say it wasn't a reliable test. I said it was a "limited" test. Yes, it tests to see if background scanning is functioning. It does not test to see if definitions are up to date. It does not test to see if some virus has managed to thwart its functioning in ways that would not prevent the Eicar string being detected.
The complaint is that without a full explanation of its limited purpose, suggesting to average users that they "test antivirus" using this method is seriously misleading.
G
Gary S. Terhune
Well, I have a few copies of viruses--want me to send you some, <g>?
The test is in the pudding--if you are certain the app is running in the background (which you *can* test using the Eicar string) and that it is up to date, then the real test is that the machine hasn't yet been infected. Either that or risk a failure by testing with a known virus--and even then, you'll only know that it was effective against that particular virus.
The way to be sure that your machine hasn't already been infected with a known virus is to test using online or DOS-floppy-boot-based AV scans. (If using a floppy boot scan, be sure you create that floppy on a different machine, and that you write-protect it before putting it into the test machine.)
--
Gary S. Terhune
MS MVP Shell/User
So, what would suggest to use as a test? I have never encountered a virus. I run fulltime in the background scanning all files.
--
mae
I did read all about it. I've read all about it a few times over the years. I've even used it. I didn't say it wasn't a reliable test. I said it was a "limited" test. Yes, it tests to see if background scanning is functioning. It does not test to see if definitions are up to date. It does not test to see if some virus has managed to thwart its functioning in ways that would not prevent the Eicar string being detected.
The complaint is that without a full explanation of its limited purpose, suggesting to average users that they "test antivirus" using this method is seriously misleading.
The test is in the pudding--if you are certain the app is running in the background (which you *can* test using the Eicar string) and that it is up to date, then the real test is that the machine hasn't yet been infected. Either that or risk a failure by testing with a known virus--and even then, you'll only know that it was effective against that particular virus.
The way to be sure that your machine hasn't already been infected with a known virus is to test using online or DOS-floppy-boot-based AV scans. (If using a floppy boot scan, be sure you create that floppy on a different machine, and that you write-protect it before putting it into the test machine.)
--
Gary S. Terhune
MS MVP Shell/User
So, what would suggest to use as a test? I have never encountered a virus. I run fulltime in the background scanning all files.
--
mae
I did read all about it. I've read all about it a few times over the years. I've even used it. I didn't say it wasn't a reliable test. I said it was a "limited" test. Yes, it tests to see if background scanning is functioning. It does not test to see if definitions are up to date. It does not test to see if some virus has managed to thwart its functioning in ways that would not prevent the Eicar string being detected.
The complaint is that without a full explanation of its limited purpose, suggesting to average users that they "test antivirus" using this method is seriously misleading.
M
mae
The Eicar test works and I have tried on line scans too. Nothing ever found. I have used EZ for years and I trust it. Guess my browsing habits are different than the average. I won't push my luck - I don't need a copy.
--
mae
Well, I have a few copies of viruses--want me to send you some, <g>?
The test is in the pudding--if you are certain the app is running in the background (which you *can* test using the Eicar string) and that it is up to date, then the real test is that the machine hasn't yet been infected. Either that or risk a failure by testing with a known virus--and even then, you'll only know that it was effective against that particular virus.
The way to be sure that your machine hasn't already been infected with a known virus is to test using online or DOS-floppy-boot-based AV scans. (If using a floppy boot scan, be sure you create that floppy on a different machine, and that you write-protect it before putting it into the test machine.)
--
Gary S. Terhune
MS MVP Shell/User
So, what would suggest to use as a test? I have never encountered a virus. I run fulltime in the background scanning all files.
--
mae
I did read all about it. I've read all about it a few times over the years. I've even used it. I didn't say it wasn't a reliable test. I said it was a "limited" test. Yes, it tests to see if background scanning is functioning. It does not test to see if definitions are up to date. It does not test to see if some virus has managed to thwart its functioning in ways that would not prevent the Eicar string being detected.
The complaint is that without a full explanation of its limited purpose, suggesting to average users that they "test antivirus" using this method is seriously misleading.
--
mae
Well, I have a few copies of viruses--want me to send you some, <g>?
The test is in the pudding--if you are certain the app is running in the background (which you *can* test using the Eicar string) and that it is up to date, then the real test is that the machine hasn't yet been infected. Either that or risk a failure by testing with a known virus--and even then, you'll only know that it was effective against that particular virus.
The way to be sure that your machine hasn't already been infected with a known virus is to test using online or DOS-floppy-boot-based AV scans. (If using a floppy boot scan, be sure you create that floppy on a different machine, and that you write-protect it before putting it into the test machine.)
--
Gary S. Terhune
MS MVP Shell/User
So, what would suggest to use as a test? I have never encountered a virus. I run fulltime in the background scanning all files.
--
mae
I did read all about it. I've read all about it a few times over the years. I've even used it. I didn't say it wasn't a reliable test. I said it was a "limited" test. Yes, it tests to see if background scanning is functioning. It does not test to see if definitions are up to date. It does not test to see if some virus has managed to thwart its functioning in ways that would not prevent the Eicar string being detected.
The complaint is that without a full explanation of its limited purpose, suggesting to average users that they "test antivirus" using this method is seriously misleading.
G
Gary S. Terhune
Actually, a DOS-boot scan is the absolute surest to catch a catalogued virus. Again, with the caveat that the floppy is created on a known-virus-free machine and write-protected. It wouldn't surprise me a bit to find out that one or more viruses are perfectly capable of disguising themselves from an online scan or preemptively disabling the scan.
--
Gary S. Terhune
MS MVP Shell/User
The Eicar test works and I have tried on line scans too. Nothing ever found. I have used EZ for years and I trust it. Guess my browsing habits are different than the average. I won't push my luck - I don't need a copy.
--
mae
Well, I have a few copies of viruses--want me to send you some, <g>?
The test is in the pudding--if you are certain the app is running in the background (which you *can* test using the Eicar string) and that it is up to date, then the real test is that the machine hasn't yet been infected. Either that or risk a failure by testing with a known virus--and even then, you'll only know that it was effective against that particular virus.
The way to be sure that your machine hasn't already been infected with a known virus is to test using online or DOS-floppy-boot-based AV scans. (If using a floppy boot scan, be sure you create that floppy on a different machine, and that you write-protect it before putting it into the test machine.)
--
Gary S. Terhune
MS MVP Shell/User
So, what would suggest to use as a test? I have never encountered a virus. I run fulltime in the background scanning all files.
--
mae
I did read all about it. I've read all about it a few times over the years. I've even used it. I didn't say it wasn't a reliable test. I said it was a "limited" test. Yes, it tests to see if background scanning is functioning. It does not test to see if definitions are up to date. It does not test to see if some virus has managed to thwart its functioning in ways that would not prevent the Eicar string being detected.
The complaint is that without a full explanation of its limited purpose, suggesting to average users that they "test antivirus" using this method is seriously misleading.
--
Gary S. Terhune
MS MVP Shell/User
The Eicar test works and I have tried on line scans too. Nothing ever found. I have used EZ for years and I trust it. Guess my browsing habits are different than the average. I won't push my luck - I don't need a copy.
--
mae
Well, I have a few copies of viruses--want me to send you some, <g>?
The test is in the pudding--if you are certain the app is running in the background (which you *can* test using the Eicar string) and that it is up to date, then the real test is that the machine hasn't yet been infected. Either that or risk a failure by testing with a known virus--and even then, you'll only know that it was effective against that particular virus.
The way to be sure that your machine hasn't already been infected with a known virus is to test using online or DOS-floppy-boot-based AV scans. (If using a floppy boot scan, be sure you create that floppy on a different machine, and that you write-protect it before putting it into the test machine.)
--
Gary S. Terhune
MS MVP Shell/User
So, what would suggest to use as a test? I have never encountered a virus. I run fulltime in the background scanning all files.
--
mae
I did read all about it. I've read all about it a few times over the years. I've even used it. I didn't say it wasn't a reliable test. I said it was a "limited" test. Yes, it tests to see if background scanning is functioning. It does not test to see if definitions are up to date. It does not test to see if some virus has managed to thwart its functioning in ways that would not prevent the Eicar string being detected.
The complaint is that without a full explanation of its limited purpose, suggesting to average users that they "test antivirus" using this method is seriously misleading.
D
Dan
Where can you obtain a product that meets your requirements, Gary?
Actually, a DOS-boot scan is the absolute surest to catch a catalogued
virus. Again, with the caveat that the floppy is created on a
known-virus-free machine and write-protected. It wouldn't surprise me a bit
to find out that one or more viruses are perfectly capable of disguising
themselves from an online scan or preemptively disabling the scan.
--
Gary S. Terhune
MS MVP Shell/User
The Eicar test works and I have tried on line scans too. Nothing ever found.
I have used EZ for years and I trust it. Guess my browsing habits are
different than the average. I won't push my luck - I don't need a copy.
--
mae
Well, I have a few copies of viruses--want me to send you some, <g>?
The test is in the pudding--if you are certain the app is running in the
background (which you *can* test using the Eicar string) and that it is up
to date, then the real test is that the machine hasn't yet been infected.
Either that or risk a failure by testing with a known virus--and even then,
you'll only know that it was effective against that particular virus.
The way to be sure that your machine hasn't already been infected with a
known virus is to test using online or DOS-floppy-boot-based AV scans. (If
using a floppy boot scan, be sure you create that floppy on a different
machine, and that you write-protect it before putting it into the test
machine.)
--
Gary S. Terhune
MS MVP Shell/User
So, what would suggest to use as a test? I have never encountered a virus. I
run fulltime in the background scanning all files.
--
mae
I did read all about it. I've read all about it a few times over the years.
I've even used it. I didn't say it wasn't a reliable test. I said it was a
"limited" test. Yes, it tests to see if background scanning is functioning.
It does not test to see if definitions are up to date. It does not test to
see if some virus has managed to thwart its functioning in ways that would
not prevent the Eicar string being detected.
The complaint is that without a full explanation of its limited purpose,
suggesting to average users that they "test antivirus" using this method is
seriously misleading.
--
Gary S. Terhune
MS MVP Shell/User
People who aren't already savvy, the very people I assume OPs post was aimed
at, aren't going to know about the limited purpose the test string serves
unless someone lays it out for them in detail. Yes, they may find out their
AV isn't functioning when they thought it was (or simply hadn't a clue), but
by not understanding the limitations, they can easily be lulled into a false
sense of security. And *that* is the objection to OP's post.
Actually, a DOS-boot scan is the absolute surest to catch a catalogued
virus. Again, with the caveat that the floppy is created on a
known-virus-free machine and write-protected. It wouldn't surprise me a bit
to find out that one or more viruses are perfectly capable of disguising
themselves from an online scan or preemptively disabling the scan.
--
Gary S. Terhune
MS MVP Shell/User
The Eicar test works and I have tried on line scans too. Nothing ever found.
I have used EZ for years and I trust it. Guess my browsing habits are
different than the average. I won't push my luck - I don't need a copy.
--
mae
Well, I have a few copies of viruses--want me to send you some, <g>?
The test is in the pudding--if you are certain the app is running in the
background (which you *can* test using the Eicar string) and that it is up
to date, then the real test is that the machine hasn't yet been infected.
Either that or risk a failure by testing with a known virus--and even then,
you'll only know that it was effective against that particular virus.
The way to be sure that your machine hasn't already been infected with a
known virus is to test using online or DOS-floppy-boot-based AV scans. (If
using a floppy boot scan, be sure you create that floppy on a different
machine, and that you write-protect it before putting it into the test
machine.)
--
Gary S. Terhune
MS MVP Shell/User
So, what would suggest to use as a test? I have never encountered a virus. I
run fulltime in the background scanning all files.
--
mae
I did read all about it. I've read all about it a few times over the years.
I've even used it. I didn't say it wasn't a reliable test. I said it was a
"limited" test. Yes, it tests to see if background scanning is functioning.
It does not test to see if definitions are up to date. It does not test to
see if some virus has managed to thwart its functioning in ways that would
not prevent the Eicar string being detected.
The complaint is that without a full explanation of its limited purpose,
suggesting to average users that they "test antivirus" using this method is
seriously misleading.
--
Gary S. Terhune
MS MVP Shell/User
People who aren't already savvy, the very people I assume OPs post was aimed
at, aren't going to know about the limited purpose the test string serves
unless someone lays it out for them in detail. Yes, they may find out their
AV isn't functioning when they thought it was (or simply hadn't a clue), but
by not understanding the limitations, they can easily be lulled into a false
sense of security. And *that* is the objection to OP's post.
G
Gary S. Terhune
www.f-prot.com has one. There are others. Just Google it, Dan.
H
Hugh Candlin
Dan said:
Any reputable virus scanner provides you with the capability
of creating a startup disk containing a scan engine and DAT files.
If it doesn't, the product isn't totally useless,
but it will be if you ever need the DOS-based scan capability.
G
Gary S. Terhune
But creating such a disk on the system where it is suddenly needed is suspect. Even if the system is running and can create such a disk, there's no guaranteeing its integrity.
If I feel that a DOS-level AV check is needed, I'd rather go to another system and create an F-Prot disk that is up to date.
If I feel that a DOS-level AV check is needed, I'd rather go to another system and create an F-Prot disk that is up to date.
H
Hugh Candlin
But creating such a disk on the system where it is suddenly needed is
suspect. Even if the system is running and can create such a disk, there's
no guaranteeing its integrity.
If I feel that a DOS-level AV check is needed, I'd rather go to another
system and create an F-Prot disk that is up to date.
--
Gary S. Terhune
MS MVP Shell/User
===============
Agreed. I should have made that point clear.
In my mind, I always see that disk being created only
when the virus scanner is first installed, which should
be done when there is no question of a virus being present.
Preferably right after a clean install of the OS.
The other side of the coin is that there is no guarantee
that the other machine will be clean either,
if it isn't one of your own.
suspect. Even if the system is running and can create such a disk, there's
no guaranteeing its integrity.
If I feel that a DOS-level AV check is needed, I'd rather go to another
system and create an F-Prot disk that is up to date.
--
Gary S. Terhune
MS MVP Shell/User
===============
Agreed. I should have made that point clear.
In my mind, I always see that disk being created only
when the virus scanner is first installed, which should
be done when there is no question of a virus being present.
Preferably right after a clean install of the OS.
The other side of the coin is that there is no guarantee
that the other machine will be clean either,
if it isn't one of your own.
B
Bruce Hagen
Please fix your clock. You're posting almost 5 hours in the past. And
I have no idea why this message was cross-posted to include Outlook
Express.
I have no idea why this message was cross-posted to include Outlook
Express.